An Artificial Immune System for Misbehavior Detection in Mobile Ad-Hoc Networks with Virtual Thymus, Clustering, Danger Signal and Memory Detectors

Nodes that build a mobile ad-hoc network participate in a common routing protocol in order to provide multi-hop radio communication. Routing defines how control information is exchanged between nodes in order to find the paths between communication pairs, and how data packets are relayed. Such networks are vulnerable to routing misbehavior, due to faulty, selfish or malicious nodes. Misbehavior disrupts communication, or even makes it impossible in some cases. Misbehavior detection systems aim at removing this vulnerability. For this purpose, we use an Artificial Immune System (AIS) approach, i.e, an approach inspired by the human immune system (HIS). Our goal is to make an AIS that, analogously to its natural counterpart [16], automatically learns and detects new misbehavior, but becomes tolerant to previously unseen normal behavior. We achieve this goal by adding some new AIS concepts to those that already exist: (1) the virtual thymus, which provides a dynamic description of normal behavior in the system; (2) “clustering” is a decision making method that reduces the false-positive detection probability and minimizes the time until detection; (3) we apply the “danger signal” approach, that is recently proposed in AIS literature [5,6] as a way to obtain feedback from the protected system and use it for correct learning and finaldecisions making; (4) we use “memory detectors”, a standard AIS solution to achieve fast secondary response.